Automata Construction for PSL


Doron Bustan (Freescale Semiconductor, Inc.), Dana Fisman (Weizmann Institute of Science, IBM Haifa Research Lab), John Havlicek (Freescale Semiconductor, Inc.)
dbustan@freescale.com, dana.fisman@weizmann.ac.il, john.havlicek@freescale.com

May 10,

1 Introduction

The language PSL [1] is a temporal logic standardized by the Accellera standards organization and currently undergoing the process of becoming an IEEE standard. The core of PSL, denoted here LTL WR, is an extension of the linear temporal logic LTL. The extension takes two orthogonal directions. In one direction the logic is interpreted over finite, possibly truncated, as well as infinite words. Truncated words are words that are finite, but not necessarily maximal. Reasoning over truncated words (as well as maximal words) is important for incomplete verification methods such as simulation and bounded model checking as well as for supporting abort/reset operators [7]. In another direction, new basic formulas and operators are added to the language. The new basic formulas are weak and strong regular expressions [6], and the new operators are suffix conjunction/implication that combine regular expressions with other formulas.

In this document we provide an automata construction for LTL WR. We show that for every LTL WR formula ϕ there exists a Büchi automaton whose size is exponential in the size of ϕ. In addition, we classify the complexity of model checking simple properties of the regular expression layer. The suggested constructions can be used in the process of model checking properties using the automata-theoretic approach. A construction for a logic extending LTL with suffix conjunction/implication operators, interpreted over infinite words appears in [9]. A construction for a logic extending LTL with suffix conjunction/implication operators, interpreted over finite/infinite maximal words appears in [10]. A construction for reasoning over truncated words, via reset operators appears in [2]. Our contribution is twofold. First, we are the first to show a construction for weak regular expressions.

Footnote: The work of this author was supported in part by the European Commission (FP6 STREP PROSYD contract no ) and carried out at the John von Neumann Minerva Center for the Verification of Reactive Systems.

Second, we are the first to show a complete construction for LTL WR, synthesizing previous results into a cohesive whole.

2 Preliminaries

2.1 The Logic

Below we provide a formal definition of the temporal logic LTL WR, an extension of LTL with weak and strong REs and a suffix conjunction/implication operator, interpreted over finite (possibly truncated) as well as infinite words.

Notations

We denote a letter from a given alphabet Σ by l and an empty, finite, or infinite word from Σ by u, v, or w (possibly with subscripts). The concatenation of u and v is denoted by uv. If u is infinite, then uv = u. The empty word is denoted by ɛ, so that wɛ = ɛw = w. If w = uv we say that u is a prefix of w, denoted u w, that v is a suffix of w, and that w is an extension of u, denoted w u. We denote the length of word v as v. The empty word ɛ has length 0, a finite word v = (l 0 l 1 l 2 l n ) has length n+1, and an infinite word has length ω. We use i, j, and k to denote nonnegative integers. For i < v we use v i to denote the (i + 1) st letter of v (since counting of letters starts at zero), and we denote by v i.. the suffix of v starting at v i. When i j v, we denote by v i..j the finite sequence of letters starting from v i and ending in v j. That is, v i..j = v i v i+1 v j. We denote by l k the word of length k, each letter of which is l, and by l ω the infinite-length word, each letter of which is l. We use Σ to denote the set of all finite words over Σ, and Σ ω to denote the set of all infinite words over Σ. We use Σ to denote the set of all finite and infinite words over Σ.

An unlabeled tree is a prefix-closed subset of N. Elements of the tree are referred to as nodes. For a node t N we refer to t as the depth of t. The node ɛ is called the root. For nodes t 1 and t 2 such that t 1 t 2 we say that t 2 is a descendant of t 1. If t 2 is a descendant of t 1 and t 2 = t we say that t 2 is a child of t 1. A Σ-labeled tree τ is a pair T, t where T is an unlabeled tree and t : T Σ maps nodes of T to symbols in Σ.

Syntax

The logic LTL WR is defined over boolean expressions as well as regular expressions. We assume a given set B of boolean expressions defined over a set P of atomic propositions. Below we define Regular Expressions (REs) using,, and for concatenation, union and Kleene-closure, respectively.

Definition 1 (REs)

Every boolean expression b B is an RE. If r, r 1 and r 2 are REs, then the following are REs: r 1 r 2 r 1 r 2 r

Definition 2 (LTL WR formulas) If b is a boolean expression then b! is an LTL formula. If ϕ and ψ are LTL WR formulas, and r is an RE, then the following are LTL WR formulas: ϕ ϕ ψ X! ϕ [ϕ U ψ] r ϕ r

Additional operators are defined as syntactic sugaring of the above operators: ϕ ψ def = ( ϕ ψ) [ϕ W ψ] def = [ ψu( ϕ ψ)] X ϕ def = (X! ϕ) r! def = r true r ϕ def = (r ϕ) b def = ( b)!

We refer to the operators r! and r as strong and weak regular expressions, respectively. We refer to the operator as the suffix conjunction operator, since r ϕ (read r suffix-and ϕ) demands that there exist a non-empty prefix of the path tightly satisfying r and that the suffix starting at the last letter of the prefix satisfy ϕ. We refer to its dual, the operator, as the suffix implication operator, since r ϕ (read r suffix-implies ϕ) requires that if there exists a non-empty prefix of the path tightly satisfying r then the suffix starting at the last letter of the prefix should satisfy ϕ. The operator exists in the temporal logic ForSpec [3] under the names follows by and seq. The operator exists in the temporal logic Sugar [4] under the notation r(ϕ). These operators are essentially the diamond and box modalities of PDL [8], respectively.

Semantics

The semantics of LTL WR is defined with respect to a non-empty set of atomic propositions P, a set of boolean expressions B over P, which we identify with 2 2P, and the set of regular expressions over B. Although we are interested in the set of words over 2 P which satisfy a given LTL WR formula, it is convenient to define the semantics of LTL WR over an enhanced set of words. Let Σ denote the alphabet 2 P {, }. The semantics of LTL WR is defined with respect to words over Σ. Note, however, that since computations of systems are words over 2 P, our interest is still focused on such words. We refer to words over 2 P as natural words. We use w to denote the word obtained by replacing every with a and vice versa. We call w the dual of w. For a set of words W we use W to denote the set {w w W }.

The semantics of LTL WR is defined inductively with respect to finite/infinite (possibly empty) words over Σ, using as the base case the semantics of boolean expressions over letters in Σ and of regular expressions over finite words over Σ. We use, and = to denote boolean satisfaction, tight satisfaction, and formula satisfaction, respectively. For a boolean expression b B and a letter l Σ we define the boolean satisfaction relation as follows. Let b B. For l 2 P, we define l b l b. We define b and / b.

Definition 3 (RE Tight Satisfaction) Let v denote a finite (possibly empty) word over Σ; b denote a boolean expression; and r, r 1, and r 2 denote REs. The notation v r means that v tightly satisfies r. The relation is defined as follows:
v b v = 1 and v 0 b
v r 1 r 2 v 1, v 2 s.t. v = v 1 v 2 and v 1 r 1 and v 2 r 2
v r 1 r 2 v r 1 or v r 2
v r either v = ɛ or v 1, v 2 s.t. v 1 ɛ, v = v 1 v 2, v 1 r and v 2 r

For a regular expression r, we use S(r) to denote the set {w Σ w r}

Definition 4 (Formula Satisfaction) Let v denote a word over Σ; b a boolean expression; r an RE; and ϕ and ψ LTL WR formulas. The notation v = ϕ means that v satisfies ϕ. The relation = is defined as follows (footnote 1: The semantics of the LTL operators are the standard ones. The operators of LTL are all the operators in definition 2 except for and r.):
1. v = b! v > 0 and v 0 b
2. v = ϕ v = / ϕ
3. v = ϕ ψ v = ϕ and v = ψ
4. v = X! ϕ v > 1 and v 1.. = ϕ
5. v = [ϕuψ] 0 k < v s.t. v k.. = ψ and 0 j < k, v j.. = ϕ
6. v = r ψ 0 j < v s.t. v 0..j r and v j.. = ψ
7. v = r finite u v, u ω = r!

For an LTL WR formula ϕ, we use [[ϕ]] to denote the set {w Σ w = ϕ}.

2.2 Automata-Theoretic Approach

We recall some basic notions from automata theory. Since LTL WR is interpreted over finite as well as infinite words, we use a version of Büchi automata that accepts both finite and infinite words.

Definition 5 (Büchi automaton) A Büchi automaton over finite/infinite words is a tuple B = (Σ, S, I, ρ, F, A) where
Σ is a finite nonempty alphabet

S is a finite nonempty set of states
I S is a nonempty set of initial states
ρ : S Σ 2 S is a transition function
F S is a set of final states
A S is a set of accepting states

We often regard ρ as a relation ρ S Σ S. A run σ of B on an infinite word w = l 0 l 1... is an infinite sequence s 0, s 1,... where s 0 I and s i+1 ρ(s i, l i ) for all i 0. A run σ of B on a finite word w = l 0 l 1... l n is a finite sequence s 0, s 1,..., s n+1 where s 0 I and either w = ɛ or s i+1 ρ(s i, l i ) for all 0 i n. We define by lim(σ) the set {s s = s i for infinitely many i s }. An infinite run is accepting if there is some accepting state that repeats infinitely often, i.e. if lim(σ) A. A finite run is accepting if the last state is a final state, i.e. if s w F. The word w is accepted by B if there is an accepting run of B on w. We denote by L(B) the set of words w such that there exists an accepting run of B on w. For s S we use B s to denote the automaton (Σ, S, {s}, ρ, F, A).

Definition 6 (Alternating Büchi automaton) An Alternating Büchi automaton over finite/infinite words is a tuple B = (Σ, S, {s 0 }, ρ, F, A) where
Σ is a finite nonempty alphabet
S is a finite nonempty set of states
s 0 S is the initial state.
ρ : S Σ B + (S) is a transition function where B + (S) is the set of boolean formulas obtained by application of and to elements in S. (footnote 2: We assume true and false are in B + (s).)
F S is a set of final states
A S is a set of accepting states

A run of B on an infinite word w = l 0 l 1... is a (possibly infinite) S-labeled tree τ = T, t such that t(ɛ) = s 0 and for every node t τ, t has at most S children and, if t = i and t(t) = s, then the children of t satisfy ρ(s, l i ) (i.e. if t 1,..., t k are t s children then {t(t 1 ),..., t(t k )} satisfies ρ(s, l i )). A run of B on a finite word w = l 0 l 1... l n is a finite S-labeled tree τ = T, t such that t(ɛ) = s 0 and for every node t τ, t has at most S children and, if t = i < n and t(t) = s, then the children of t satisfy ρ(s, l i ). If w is infinite, then a run tree τ is accepting if every branch of infinite depth has infinitely many labels in A. If w is finite, then a run tree τ is accepting if all nodes at depth w are labeled by states in F. The word w is accepted by B if there is an accepting run tree of B on w. We denote by L(B) the set of words w such that there exists an accepting run tree of B on w.

Proposition 2.1 Let A be an alternating Büchi automaton on finite/infinite words with n states. There exists a Büchi automaton B on finite/infinite words with 2 O(n) states that accepts the same language.

Proof: The proof follows the construction of Miyano and Hayashi [11] for the same proposition restricted to infinite words. Let B = Σ, S, {s 0 }, δ, F, A be an alternating Büchi automaton on finite/infinite words. We define the Büchi automaton (on finite/infinite words) B n = Σ, S n, {({s 0 }, {s 0 } \ A)}, δ n, F n, A n as follows:
S n 2 S 2 S is the set of consistent pairs with respect to B, where a pair (Q, P ) 2 S 2 S is said to be consistent with respect to B if P Q \ A.
(Q, P ) is in δ n ((Q, P ), σ) iff Q = s Q δ(s, σ) and either: P = and P = Q \ A or P and there exists a set Y Q such that Y = s P δ(s, σ), and P = Y \ A.
F n = {(Q, P ) S n Q F }.
A n = {(Q, P ) S n P = }.

Following [11], we have that for every infinite word w, w L(B) iff w L(B n ). Thus, we need to prove the following lemma:

Lemma 2.2 Let w be a finite word. Then w L(B) iff w L(B n ).

Proof: First direction: Let w be a finite word in L(B). We prove that w L(B n ). Let τ = T, t be an accepting running tree of B on w. We define a running trace (Q 0, P 0 ), (Q 1, P 1 ),... (Q w, P w ) such that Q i = {s t(t) = s for some t τ with t = i}, and P i = Q i \ A. We prove that this trace is an accepting running trace of B n on w. Since t(ɛ) = s 0, we have that (Q 0, P 0 ) = ({s 0 }, {s 0 } \ A) which is the initial state of B n. Let s Q i for i < w. Then, there exists a node t of τ such that t(t) = s and t = i. Let X = {t(t ) t is a child of t}. Then, X = δ(s, w i ) and X Q i+1, thus Q i+1 = δ(s, w i ). This implies that for every s Q i we have that Q i+1 = δ(s, w i ). Since P i Q i, we can always select Y = Q i+1 and P i+1 = Y \ A. Then for every s P i, Y = δ(s, w i ). Thus, we have that (Q i+1, P i+1 ) δ n ((Q i, P i )). Since τ is accepting, every branch of τ of depth w ends in a node t such that t(t) F. This implies that every state s Q w is in F. Thus, (Q w, P w ) F n.

Second direction: Let (Q 0, P 0 ), (Q 1, P 1 ),... (Q w, P w ) be an accepting running trace of B n on w. We define a tree τ = T, t such that t(ɛ) = s 0 and every node t such that t = i < w has Q i+1 children such that for every s Q i+1 the node t has a child t with t(t ) = s. We prove that τ is an accepting tree of B on w.

s 0 is the initial state of B. Let t be a node of τ such that t = i for i < w. Let t(t) = s. Then, s Q i, and the definition of δ n implies that Q i+1 = δ(s, w i ). Since Q i+1 = {t(t ) t is a child of t}, we have that {t(t ) t is a child of t} = δ(t(t), w i ). Since Q w F n, we have that every branch of τ of depth w ends in a node t such that t(t) F. This completes the proof of the proposition.

As a measure of efficiency we use the classification of Büchi automata as suggested by Muller et al. [12] and adopted by [5]. The classification uses the notion of a weak Büchi automaton and a terminal Büchi automaton. (footnote 3: Note that the term weak used for a Büchi automaton has nothing to do with the term weak used for REs. We apologize for the potential confusion.) As stated by the claim below, weak and terminal Büchi automata are especially efficient to model check.

Definition 7 (weak, terminal (see e.g. [5])) Let B = (Σ, S, I, ρ, F, A) be a Büchi automaton. B is a weak Büchi automaton if there exists a partition of the set of states S into components S i and a partial ordering on these sets, such that
1. for each s i S i, s j S j, if l Σ s.t. s j ρ(s i, l) then S j S i, and
2. for each S i, either S i A =, in which case S i is a rejecting component, or S i A, in which case S i is an accepting component.
B is a terminal Büchi automaton if it is a weak Büchi automaton such that the components of the partition contained in A are maximal elements of the partial order.

Claim 2.3 (see e.g. [5]) Let B = (Σ, S, I, ρ, F, A) be a Büchi automaton.
The language of a weak Büchi automaton is empty iff AG AF A
The language of a terminal Büchi automaton is empty iff AG A

3 Constructions and Proofs

Below we provide an automata-theoretic approach to the verification problem of LTL WR formulas.

3.1 Automata construction for LTL over finite as well as infinite words

Since we are interested in finite as well as infinite words, we check first that the well-known singly-exponential complexity for constructing a Büchi automaton for the ω-language of an LTL formula still applies when the automaton runs on both finite and infinite words. We follow the construction of an alternating Büchi automaton for an LTL formula ϕ as given in [13, Theorem 22]. Our construction differs from that of [13] in several ways.
1. Our automaton is designed to run on both finite and infinite words, while that of [13] is only for infinite words. Some care is needed to handle the next-time operators on finite words since the semantics looks ahead in order to know whether the condition w > 1 is satisfied. Our construction uses a simple subautomaton to distinguish nonempty from empty words.
2. The construction of [13] introduces an automaton state for each subformula and its negation and relies on a dualization operator in the definition of the transition relation. We achieve a similar effect by including only subformulas and using a negation parity bit in the state. The negation parity of a subformula indicates the number of enclosing negations, modulo 2. Our construction gives the dual forms of the transition relation explicitly rather than relying on the dualizing operator.
3. Our construction works over the extended alphabet Σ = 2 P {, }. This is accomplished simply by using the dual l of the input letter l when testing boolean satisfaction for the transition relation on a boolean subformula with negation parity 1.

Proposition 3.1 Given an LTL formula ϕ, one can build an alternating Büchi automaton B ϕ = (Σ, S, I, ρ, F, A) where S is in O( ϕ ) and L(B ϕ ) is exactly the set of (finite and infinite) words satisfying the formula ϕ.

Proof: Let ϕ be an LTL formula. Let S be the set of pairs (p, ψ) where either ψ is a subformula of ϕ or ψ {TRUE, FALSE, NONEMPTY}, and p {0, 1} denotes the negation parity, with p = 1 indicating an odd number of enclosing negations. The initial state is (0, ϕ). The set A of accepting states is produced by the following rules:
1. A contains all states of the form: (1, NONEMPTY), (0, TRUE), (1, FALSE), (1, b!), (1, X!ψ), (1, [ψuϑ]).
2. (p, ψ) A iff (1 p, ψ) A.
3. (0, ψ ϑ) A iff both (0, ψ) A and (0, ϑ) A. (1, ψ ϑ) A iff either (1, ψ) A or (1, ϑ) A.
The set F of final states is equal to A. The transition relation ρ is defined as follows:
ρ((p, NONEMPTY), l) = (p, TRUE)

ρ((p, TRUE), l) = (p, TRUE)
ρ((p, FALSE), l) = (p, FALSE)
ρ((0, b!), l) = (0, l b)
ρ((1, b!), l) = (1, l b)
ρ((0, ψ ϑ), l) = ρ((0, ψ), l) ρ((0, ϑ), l)
ρ((1, ψ ϑ), l) = ρ((1, ψ), l) ρ((1, ϑ), l)
ρ((0, ψ), l) = ρ((1, ψ), l)
ρ((1, ψ), l) = ρ((0, ψ), l)
ρ((0, X!ψ), l) = (0, NONEMPTY) (0, ψ)
ρ((1, X!ψ), l) = (1, NONEMPTY) (1, ψ)
ρ((0, [ψuϑ]), l) = ρ((0, ϑ), l) (ρ((0, ψ), l) (0, [ψuϑ]))
ρ((1, [ψuϑ]), l) = ρ((1, ϑ), l) (ρ((1, ψ), l) (1, [ψuϑ]))

Lemma 3.2 If ψ is a subformula of ϕ, let A (p,ψ) denote the subautomaton of this construction obtained by taking (p, ψ) as initial state.
1. L(A (0,ψ) ) = [[ψ]].
2. L(A (1,ψ) ) = Σ [[ψ]] = [[ ψ]].

Proof: By induction over the subformulas of ϕ. Note that for any L Σ, Note also that for any ψ, Σ L = Σ L Let v, w denote elements of Σ.
L(A (0,NONEMPTY) ) = {v : v > 0}.
L(A (1,NONEMPTY) ) = {ɛ}.
L(A (0,b!) ) = [(0, b!) is not accepting] {lw : l b} = [[b!]]
L(A (1,b!) ) = [(1, b!) is accepting] {ɛ} {lw : l / b} Σ [[ψ]] = [[ ψ]]

= Σ [[b!]]
[[ ψ]] = Σ [[ψ]] = [induction] L(A (1,ψ) ) = L(A (0, ψ) )
L(A (1, ψ) ) = L(A (0,ψ) ) = [induction] [[ψ]] = Σ [[ ψ]]
[[ψ ϑ]] = [[ψ]] [[ϑ]] = [induction] L(A (0,ψ) ) L(A (0,ϑ) ) = L(A (0,ψ ϑ) )
L(A (1,ψ ϑ) ) = L(A (1,ψ) ) L(A (1,ϑ) ) = [induction] (Σ [[ψ]]) (Σ [[ϑ]]) = Σ ([[ψ]] [[ϑ]]) = Σ ([[ψ ϑ]])
L(A (0,X!ψ) ) = [(0, X!ψ) is not accepting; L(A (0,NONEMPTY) ) = {v : v > 0}] {lw : w > 0 and w L(A (0,ψ) )} = [induction] {lw : w > 0 and w [[ψ]]} = {v : v > 1 and v 1.. = ψ} = [[X!ψ]]
L(A (1,X!ψ) ) = [(1, X!ψ) is accepting; L(A (1,NONEMPTY) ) = {ɛ}] {v : v 1 or v 1.. L(A (1,ψ) )} = [induction] {v : v 1 or v 1.. [[ ψ]]} = {v : v 1 or v 1.. = / ψ} = Σ {v : v > 1 and v 1.. = ψ}

= Σ [[X!ψ]]

Let v L(A (0,[ψUϑ]) ). Suppose v / L(A (0,ϑ) ). Then v L(A (0,ψ) ) and, since (0, [ψuϑ]) is not accepting, v > 0 and v 1.. L(A (0,[ψUϑ]) ). Thus,
v L(A (0,[ψUϑ]) ) v L(A (0,ϑ) ) or (v L(A (0,ψ) ) and v > 0 and v 1.. L(A (0,[ψUϑ]) )) [induction] v = ϑ or (v = ψ and v > 0 and v 1.. L(A (0,[ψUϑ]) ))
If there does not exist 0 k < v such that v k.. = ϑ, then, since (0, [ψuϑ]) is not accepting, there is no accepting run of A (0,[ψUϑ]) on v. Therefore,
v L(A (0,[ψUϑ]) ) there exists 0 k < v such that v k.. = ϑ and for all 0 j < k, v j.. = ψ v = [ψuϑ]
v L(A (1,[ψUϑ]) ) v L(A (1,ϑ) ) and (v L(A (1,ψ) ) or v L(A (1,[ψUϑ]) )) [induction] v = ϑ and (v = ψ or v L(A (1,[ψUϑ]) ))
Since (1, [ψuϑ]) is accepting, there need not exist 0 k < v such that v k.. [[ ψ]]. Thus,
v L(A (1,[ψUϑ]) ) v = ϑw( ψ ϑ) [duality of U, W over Σ] v = [ψuϑ]
This completes the proof of the proposition.

Corollary 3.3 Given an LTL formula ϕ, one can build a Büchi automaton B ϕ = (Σ, S, I, ρ, F, A) where S is in 2 O( ϕ ) and L(B ϕ ) is exactly the set of (finite and infinite) words satisfying the formula ϕ.

Proof: Follows directly from Propositions 3.1 and

3.2 Automata Construction for LTL WR

In this section we extend the construction of automata for LTL (over finite as well as infinite words) given in the previous section to all of LTL WR. Recall from Definition 2 that the LTL WR formulas are generated from the LTL formulas by adding the basic form r, where r is a regular expression, and the inductive form r ϕ, where r is a regular expression and ϕ is an LTL WR formula. Thus, the construction of Proposition 3.1 needs to be extended to handle each of these forms under both negation parities. First we construct a non-deterministic finite automaton on finite words (NFA) that recognizes tight satisfaction ( ) and a Büchi automaton that recognizes weak RE satisfaction. Then we provide the overall construction for LTL WR.

Proposition 3.4 Let r be an RE. There exists an NFA N r with O( r ) states such that w r w L(N r )

Proof: We inductively define an NFA N r for r as follows.
Base: For a Boolean expression b we construct the automaton N b = (Σ, {0, 1}, {0}, ρ b, {1}) such that for l Σ we have ρ(0, l) = {1} iff l = b.
Induction: assume that for the regular expressions r 1 and r 2 we constructed the NFAs N 1 = (Σ, S 1, I 1, ρ 1, F 1 ) and N 2 = (Σ, S 2, I 2, ρ 2, F 2 ) respectively.
The NFA N for r 1 r 2 is N = (Σ, S 1 S 2, I 1, ρ 1 ρ 2 {(s 1, l, s 2 ) s 1 F 1 s 2 ρ 2 (q, l) for q I 2 }, ˆF ), where ˆF = F 2 if I 2 F 2 = and F 1 F 2 otherwise.
The NFA N for r 1 r 2 is N = (Σ, S 1 S 2 {s 0 }, {s 0 }, ρ 1 ρ 2 {(s 0, l, s 1 ) s 1 ρ 1 (q, l) for q I 1 } {(s 0, l, s 2 ) s 2 ρ 2 (q, l) for q I 2 }, ˆF ), where ˆF = F 1 F 2 if I 2 F 2 = and I 1 F 1 = and F 1 F 2 {s 0 } otherwise.
The NFA N for r 1 is N = (Σ, S 1 {s 0 }, {s 0 }, ρ 1 {(s 0, l, s 1 ) s 1 ρ 1 (q, l) and q I 1 } {(s 1, l, s 0 ) ρ 1 (s 1, l) F 1 }, F 1 {s 0 }).

Let w be a finite word. We show by induction on the structure of r that w L(N r ) iff w r.
Base: Let r = b. Note that 0 is not accepting and that there are no outgoing transitions from 1, thus if N b accepts v, then v = 1. Then, N b accepts a word v iff v = 1 and 1 ρ(0, v 0 ) iff v = 1 and v 0 = b iff v b.
Induction: Assume that for REs r 1 and r 2 we proved that w L(N 1 ) w r 1 and w L(N 2 ) w r 2.

For r 1 r 2 we distinguish between two cases:
1. The case where ɛ r 2. In this case, N for r 1 r 2 is N = (Σ, S 1 S 2, I 1, ρ 1 ρ 2 {(s 1, l, s 2 ) s 1 F 1 s 2 ρ 2 (q, l) for q I 2 }, F 1 F 2 ). Then, N accepts a word w iff it has a running trace s 0, s 1,... s k (k = w ) over w such that s k F 1 F 2 iff either N 1 accepts w or there exists j < k such that s j F 1 and s j+1 ρ 2 (q, w j ) for q I 2 iff either N 1 accepts w or there exists j < k such that N 1 accepts w 0..j and N 2 accepts w j+1..k iff (induction) either w r 1 or there exists j < k such that w 0..j r 1 and w j+1..k r 2 iff w r 1 r 2.
2. The case where ɛ / r 2. In this case, N for r 1 r 2 is N = (Σ, S 1 S 2, I 1, ρ 1 ρ 2 {(s 1, l, s 2 ) s 1 F 1 s 2 ρ 2 (q, l) for q I 2 }, F 2 ). Then, N accepts a word w iff it has a running trace s 0, s 1,... s k (k = w ) over w such that s k F 2 iff there exists j < k such that s j F 1 and s j+1 ρ 2 (q, w j ) for q I 2 iff there exists j < k such that N 1 accepts w 0..j and N 2 accepts w j+1..k iff (induction) there exists j < k such that w 0..j r 1 and w j+1..k r 2 iff w r 1 r 2.

For r 1 r 2 we have that the NFA N for r 1 r 2 is N = (Σ, S 1 S 2 {s 0 }, {s 0 }, ρ 1 ρ 2 {(s 0, l, s 1 ) s 1 ρ 1 (q, l) for q I 1 } {(s 0, l, s 2 ) s 2 ρ 2 (q, l) for q I 2 }, ˆF ), where ˆF = F 1 F 2 {s 0 } if I 2 F 2 or I 1 F 1 and ˆF = F 1 F 2 otherwise. N accepts ɛ iff s 0 ˆF iff I 1 F 1 or I 2 F 2 iff N 1 accepts ɛ or N 2 accepts ɛ iff (induction) ɛ r 1 or ɛ r 2 iff ɛ r 1 r2. Let w be a non-empty word. N accepts w iff N has a running trace s 0, s 1,..., s k (for k = w ) such that s 0 is the initial state and s k F 1 F 2 iff either s 1 ρ(q, w 0 ) for q I 1 and s 1, s 2,..., s k is a running trace of N 1 or s 1 ρ(q, w 0 ) for q I 2 and s 1, s 2,..., s k is a running trace of N 2 iff N 1 accepts w or N 2 accepts w iff (induction) w r 1 or w r 2 iff w r 1 r2.

For r 1 we have that the NFA N for r 1 is N = (Σ, S 1 {s 0 }, {s 0 }, ρ 1 {(s 0, l, s 1 ) s 1 ρ 1 (q, l) and q I 1 } {(s 1, l, s 0 ) ρ 1 (s 1, l) F 1 }, F 1 {s 0 }). First note that s 0 F 1, thus N accepts ɛ. This complies with ɛ r 1. Let w be a non-empty word. First direction, assume that N accepts w. Let s 0, s 1,... s k be an accepting run trace of N on w. Let j 0, j 1,... be the sequence of all indices such that s ji = s 0. Then for every j i in the set we have that s ji +1 ρ 1 (q, w j i ) for q I 1 and that p ρ 1 (s ji 1, w j i 1 ) for p F 1. Thus, for every j i except for the last, we

have that q, s ji +1,... s ji+1 1, p is an accepting run of N 1 on w j i..j i+1 1, and that for the last j i, we have that q, s ji +1,... s k+1 is an accepting run of N 1 on w ji..k. This implies that (induction) for every j i except for the last, we have that w j i..j i+1 1 r1, and that for the last j i, we have that w ji..k r1. Thus w r1. Second direction: Note that for every accepting run q, s 1,..., s k 1, p of N 1 on a non-empty word w, there exists an accepting run s 0, s 1,... s k 1, s 0 of N on w. Assume that w r1. Then, there are w 0, w 1,..., w k such that w 0 w 1... w k = w and for every 0 j k we have w j r 1. Thus (induction), for every 0 j k we have that N 1 accepts w j. Then, for every 0 j k we have N has a running trace on w j that starts and ends at s 0. This implies that N accepts w.

Proposition 3.5 Let r be an RE. There exists a Büchi automaton B r with O( r ) states such that B r has a trapping non-accepting state q bad and for every word w over Σ,
1. there exists an accepting run of B r on w iff w = r
2. every run of B r on w reaches q bad iff w = / r

Proof: We build the Büchi automaton from the NFA for r constructed in Proposition 3.4. Before we provide the actual construction, we prove the following lemma.

Lemma 3.6 Let r be an RE and let N r be the automaton constructed for r in Proposition 3.4. Then, for every s S there exists k 0 and a running trace s, s 1,... s k of N r on k such that s k F.

Proof: By induction.
Base: r = b. The state 1 is in F, and (0,, 1) ρ.
Induction: Assume that the NFAs N 1 and N 2 for r 1 and r 2, respectively, satisfy the lemma.
r = r 1 r 2. If s S 2, then by induction there exists k 0 and a running trace s to F 2 on k. Otherwise, s S 1. By induction, there is a running trace on j from s to F 1. From the transition relation, there exists j 0 and a running trace on j from s to a state in S 2. By induction, there exists k 0 and a running trace on k from that state of S 2 to F 2.
r = r 1 r 2. If s S i, then by induction there exists k 0 and a running trace on k from s to F i. Otherwise, s = s 0, and there is a transition on from s 0 to each of S 1 and S 2.
r = r 1. If s S 1, then by induction there exists k 0 and a running trace on k from s to F 1. Otherwise, s = s 0, which is itself accepting.

Let N r = (Σ, S, I, ρ, F ) be the NFA for RE r, constructed as in Proposition 3.4. Let B r = (Σ, S {q bad }, I, ρ, S, S) where ρ = ρ {(s, l, s) l Σ, s F } {(q bad, l, q bad ) l Σ} {(s, l, q bad ) l Σ, s / F and s S : (s, l, s ) / ρ}

Observation 3.7 Let w be a word over Σ. If there exists a running trace of B r on w that contains a state in F, then B r accepts w.

Lemma 3.8 A (finite or infinite) word w is accepted by B r iff for every finite v w there exists a prefix u v ω, such that u r.

Proof: First direction: Let w be a word that is accepted by B r. We prove that for every finite v w there exists a prefix u v ω such that u r. Let s 0, s 1,... be an accepting running trace of B r on w. We distinguish between two cases:
1. The trace s 0, s 1,... contains a state in F (in N r ). In this case let k be the minimal number such that s k F. The definition of ρ implies that s 0, s 1,..., s k is a trace in N r, thus w 0..k 1 L(N r ). Proposition 3.4 implies that w 0..k 1 r. Let v w be a prefix of w. We distinguish between two cases: If w 0..k 1 v, then w 0..k 1 v ω and w 0..k 1 r. v w 0..k 1. Let j = v, then s 0, s 1,..., s j is a trace of N r over v. Lemma 3.7 implies that there exists a trace s j, s j+1,... s i of N r on i j such that s i F, thus, v i j L(N r ). Then v i j r and v i j v ω.
2. The trace s 0, s 1,... does not contain a state in F (in N r ). Then the definition of ρ implies that s 0, s 1,... is a trace in N r. Let v w be a finite prefix of w of length k. Then, s 0, s 1,... s k+1 is a run of N r on v. Lemma 3.7 implies that there exists a trace s k, s k+1,... s i of N r on i k such that s i F, thus, v i k L(N r ). Then v i k r and v i k v ω.

Second direction: Let w be a word that is not accepted by B r. We prove that there exists a finite v w such that for every prefix u v ω, we have that u / r. Since w is not accepted by B r, and since q bad is the only non-accepting and non-final state, there exists a prefix v w such that all running traces of B r on v are trapped in q bad. In addition, by Observation 3.7 above there is no running trace of B r on u v that contains a state in F. The definition of ρ implies that there is no running trace of N r on v, and that there is no running trace of N r on u v that contains a state in F. Since there is no running trace of N r on v, for every v u v ω we have that u is not accepted by N r and thus u / r. Since there is no running trace of N r on u v that contains a state in F, we have that for every u v, u is not accepted by N r, and thus u / r.
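An added example, not the paper's own code, implementing the NFA N_r of Proposition 3.4 and the Büchi automaton B_r of Proposition 3.5 in Python and checking, on finite words, that N_r agrees with Definition 3 and that B_r agrees with the characterization of Lemma 3.8. It assumes letters are frozensets of propositions plus the letter ⊤ (⊥ is omitted), boolean expressions are Python predicates, and REs are nested tuples; the sample REs and words are constructed here.

```python
# Added example, not the paper's own code: the NFA N_r of Proposition 3.4 (tight
# satisfaction) and the Büchi automaton B_r of Proposition 3.5 built from it, checked on
# finite words. Letters are frozensets of propositions plus the letter TOP (BOT is left
# out), boolean expressions are predicates on letters, REs are nested tuples.
import itertools
TOP = frozenset({"TOP"})                 # the letter TOP satisfies every boolean expression

def prop(x):                             # atomic proposition x as a boolean expression
    return lambda l: l == TOP or x in l

# Definition 1 as tuples: ("b", pred), ("cat", r1, r2), ("alt", r1, r2), ("star", r)
class NFA:                               # trans: state -> list of (guard, target)
    def __init__(self, states, init, trans, final):
        self.states, self.init, self.trans, self.final = states, init, trans, final
_fresh = itertools.count()               # fresh state ids, so sub-automata stay disjoint

def build_nfa(r):
    """N_r as in Proposition 3.4: sub-automata are glued without epsilon moves."""
    kind = r[0]
    if kind == "b":                      # N_b accepts exactly the one-letter words l with l |= b
        s0, s1 = next(_fresh), next(_fresh)
        return NFA({s0, s1}, {s0}, {s0: [(r[1], s1)], s1: []}, {s1})
    if kind == "cat":                    # F1 states take over the initial moves of N2
        n1, n2 = build_nfa(r[1]), build_nfa(r[2])
        trans = {**n1.trans, **n2.trans}
        for s1 in n1.final:
            trans[s1] = trans[s1] + [t for q in n2.init for t in n2.trans[q]]
        final = n1.final | n2.final if n2.init & n2.final else set(n2.final)
        return NFA(n1.states | n2.states, set(n1.init), trans, final)
    if kind == "alt":                    # fresh s0 takes the initial moves of N1 and N2
        n1, n2 = build_nfa(r[1]), build_nfa(r[2])
        s0 = next(_fresh)
        trans = {**n1.trans, **n2.trans,
                 s0: [t for n in (n1, n2) for q in n.init for t in n.trans[q]]}
        final = n1.final | n2.final      # s0 is final iff r1 or r2 accepts epsilon
        if n1.init & n1.final or n2.init & n2.final:
            final = final | {s0}
        return NFA(n1.states | n2.states | {s0}, {s0}, trans, final)
    n1 = build_nfa(r[1])                 # star: hub s0 is initial and final, and every
    s0 = next(_fresh)                    # move into F1 gets a copy that leads back to s0
    trans = {s: ts + [(g, s0) for g, t in ts if t in n1.final] for s, ts in n1.trans.items()}
    trans[s0] = [t for q in n1.init for t in trans[q]]
    return NFA(n1.states | {s0}, {s0}, trans, n1.final | {s0})

def run(n, w):
    """Subset simulation: the states some run of n can be in after reading the finite word w."""
    cur = set(n.init)
    for l in w:
        cur = {t for s in cur for g, t in n.trans[s] if g(l)}
    return cur

def tight(n, w):                         # w tightly satisfies r  iff  w is in L(N_r)
    return bool(run(n, w) & n.final)

def tight_def(r, v):
    """Definition 3 evaluated directly, as an independent oracle for tight satisfaction."""
    if r[0] == "b":
        return len(v) == 1 and r[1](v[0])
    if r[0] == "cat":
        return any(tight_def(r[1], v[:i]) and tight_def(r[2], v[i:]) for i in range(len(v) + 1))
    if r[0] == "alt":
        return tight_def(r[1], v) or tight_def(r[2], v)
    return len(v) == 0 or any(tight_def(r[1], v[:i]) and tight_def(r, v[i:])
                               for i in range(1, len(v) + 1))
Q_BAD = -1                               # the trapping non-accepting state q_bad

def build_buchi(n):
    """B_r = (Sigma, S u {q_bad}, I, rho', S, S) of Proposition 3.5: final states loop on
    every letter, and a non-final state with no rho-move on the letter read falls into q_bad."""
    trans = {}
    for s, moves in n.trans.items():
        if s in n.final:
            trans[s] = moves + [(lambda l: True, s)]
        else:
            dead = lambda l, moves=moves: not any(g(l) for g, _ in moves)
            trans[s] = moves + [(dead, Q_BAD)]
    trans[Q_BAD] = [(lambda l: True, Q_BAD)]
    return NFA(n.states | {Q_BAD}, set(n.init), trans, set(n.states))

def weak(b, w):                          # finite w |= r (weak RE): some run of B_r ends in S
    return bool(run(b, w) & b.final)

def all_runs_trapped(b, w):              # every run of B_r on w reaches q_bad
    return run(b, w) == {Q_BAD}

def weak_def(n, r, w):
    """Lemma 3.8 read off N_r: every prefix v of w has some u <= v.TOP^omega in L(N_r);
    by Lemma 3.6 that holds iff a prefix of v is tight or N_r is still alive after v."""
    return all(any(tight_def(r, w[:j]) for j in range(i + 1)) or bool(run(n, w[:i]))
               for i in range(len(w) + 1))

def all_words(letters, max_len):         # all words of length <= max_len, for cross-checks
    return [w for k in range(max_len + 1) for w in itertools.product(letters, repeat=k)]

# Constructed sample over P = {a, b}: r = a* . b and r2 = (a . b)* | b
E, A, B, AB = frozenset(), frozenset({"a"}), frozenset({"b"}), frozenset({"a", "b"})
R = ("cat", ("star", ("b", prop("a"))), ("b", prop("b")))
R2 = ("alt", ("star", ("cat", ("b", prop("a")), ("b", prop("b")))), ("b", prop("b")))
N, N2 = build_nfa(R), build_nfa(R2)
BR, BR2 = build_buchi(N), build_buchi(N2)
```

For r = a*·b, the word {a}∅ sends every run of B_r into q_bad (no extension can tightly satisfy r), while {b}∅ is weakly satisfied because its prefix {b} already is.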

Lemma 3.8 shows that w = r iff there exists an accepting run of B r on w. That is, w = / r iff every run of B r on w is not accepting. Assume w is infinite. Then w = / r iff every run of B r on w does not visit S infinitely often iff [since S r \ S = {q bad }] every run of B r on w visits q bad infinitely often iff [since q bad is trapping] every run of B r on w visits q bad. Assume w is finite. Then w = / r iff every run of B r on w does not terminate in a state in S iff [since S r \ S = {q bad }] every run of B r on w terminates in S. Thus w = / r iff every run of B r on w reaches state q bad. This completes the proof of Proposition 3.5.

Below we extend the construction of the alternating automaton given in the previous section for LTL (over finite as well as infinite words) to LTL WR. The idea is that for RE-based formulas r ψ and r the automaton mimics the automaton for r. Recall that r ψ states that there exists a prefix tightly satisfying r and the suffix beginning at the end of this prefix satisfies ψ, while r ϕ states that for each prefix tightly satisfying r, the suffix beginning at the end of the prefix satisfies ϕ. Thus, for r ϕ, when the parity bit is 0 the automaton mimics a move to some next state in the NFA of r (so as to require one match for r) and when the parity bit is 1 the automaton mimics moves to all next states in the NFA of r (in order to traverse all matches for r). Then, when the automaton reaches a final state in N r it continues to state ψ in order to require satisfaction of ψ. For a weak RE r the automaton mimics the Büchi automaton B r of Proposition 3.5. When the parity bit is 0, the automaton traverses all states, to check that all prefixes are potentially accepting (i.e., have an extension with s that is accepting). When the parity bit is 1, the automaton traverses some state to check for some bad prefix. To make this idea work we need to consider a new type of formula involving automata. For these we introduce the following logic.

Definition 8 (LTL WRA formulas) If b is a boolean expression then b! is an LTL WRA formula. If ϕ and ψ are LTL WRA formulas, then the following are LTL WRA formulas: ϕ ϕ ψ X! ϕ [ϕ U ψ] If ϕ is an LTL WRA formula and N = (Σ, S, I, ρ, F ) is an NFA such that I is a singleton, then N, ϕ is an LTL WRA formula.

If B = (Σ, S, I, ρ, F, A) is a Büchi automaton such that I is a singleton, then B is an LTL_WRA formula.

The semantics of LTL_WRA formulas is defined as follows:

Definition 9 Let v denote a word over Σ; b a boolean expression; r an RE; and ϕ and ψ LTL_WRA formulas. The notation v ⊨_AUT ϕ means that v satisfies ϕ. The relation ⊨_AUT is defined as follows (the semantics of the LTL operators are the standard ones):
1. v ⊨_AUT b! ⟺ |v| > 0 and v^0 ⊨ b
2. v ⊨_AUT ¬ϕ ⟺ v ⊭_AUT ϕ
3. v ⊨_AUT ϕ ∧ ψ ⟺ v ⊨_AUT ϕ and v ⊨_AUT ψ
4. v ⊨_AUT X! ϕ ⟺ |v| > 1 and v^{1..} ⊨_AUT ϕ
5. v ⊨_AUT [ϕ U ψ] ⟺ ∃ 0 ≤ k < |v| s.t. v^{k..} ⊨_AUT ψ and ∀ 0 ≤ j < k, v^{j..} ⊨_AUT ϕ
6. v ⊨_AUT ⟨N, ψ⟩ ⟺ ∃ 0 ≤ j < |v| s.t. v^{0..j} ∈ L(N) and v^{j..} ⊨_AUT ψ
7. v ⊨_AUT B ⟺ v ∈ L(B)

Proposition 3.9 Let ϕ be a formula of LTL_WR. Let Φ be the formula of LTL_WRA obtained from ϕ by replacing sub-formulas of the form r ◇→ ψ with ⟨N_r, ψ⟩, where N_r = (Σ, S_r, I_r, ρ_r, F_r) is the NFA from Proposition 3.4, and formulas of the form r with B_r, where B_r = (Σ, S_r ∪ {q_bad}, I_r, ρ'_r, S_r, S_r) is the Büchi automaton defined in Proposition 3.5 and q_bad is the trapping non-accepting state. Then [[ϕ]] = [[Φ]].

Proof: The proof is by induction on the structure of the formula. The cases for booleans and the LTL operators are immediate since the semantics for those are the same.
v ⊨ r ◇→ ψ ⟺ ∃ 0 ≤ j < |v| s.t. v^{0..j} tightly satisfies r and v^{j..} ⊨ ψ ⟺ [by Proposition 3.4] ∃ 0 ≤ j < |v| s.t. v^{0..j} ∈ L(N_r) and v^{j..} ⊨ ψ ⟺ v ⊨_AUT ⟨N_r, ψ⟩
v ⊨ r ⟺ [by Proposition 3.5] v ∈ L(B_r)

⟺ v ⊨_AUT B_r

Proposition 3.9 allows us to use the construction of a Büchi automaton for an LTL_WRA formula Φ to obtain a construction for an LTL_WR formula ϕ for which [[ϕ]] = [[Φ]].

Proposition 3.10 Given an LTL_WRA formula ϕ, there exists an alternating Büchi automaton B_ϕ = (Σ, S, I, ρ, F, A) where |S| is in O(|ϕ|) and L(B_ϕ) is exactly the set of (finite and infinite) words satisfying the formula ϕ.

Proof: Let ϕ be a formula of LTL_WRA. Let S be the set of pairs (p, ψ) where p ∈ {0, 1} and ψ satisfies at least one of the following:
- ψ is a subformula of ϕ.
- ψ ∈ {TRUE, FALSE, NONEMPTY}.
- ψ is of the form ⟨N^q, ϑ⟩, where ⟨N, ϑ⟩ is a subformula of ϕ and q is a state of the NFA N.
- ψ is of the form B^q, where B is a subformula of ϕ and q is a state of the Büchi automaton B.
Note that if q is the initial state of N, then N^q = N, and similarly with B. The initial state is (0, ϕ). The set A of accepting states is produced by the following rules:
1. A contains all states of the form (1, NONEMPTY), (0, TRUE), (1, FALSE), (1, b!), (1, X!ψ), (1, [ψ U ϑ]), (1, ⟨N^q, ψ⟩), (0, B^q), (1, B^{q_bad}). In (0, B^q) it is understood that q is not the trapping state of B, while in (1, B^{q_bad}) it is understood that q_bad is the trapping state of B.
2. (p, ¬ψ) ∈ A iff (1 − p, ψ) ∈ A.
3. (0, ψ ∧ ϑ) ∈ A iff both (0, ψ) ∈ A and (0, ϑ) ∈ A. (1, ψ ∧ ϑ) ∈ A iff either (1, ψ) ∈ A or (1, ϑ) ∈ A.
The set F of final states is equal to A. The transition relation ρ is defined as follows, where N^q = (Σ, S_N, {q}, ρ_N, F_N) and B^q = (Σ, S_B ∪ {q_bad}, {q}, ρ_B, S_B):
ρ((p, NONEMPTY), l) = (p, TRUE)
ρ((p, TRUE), l) = (p, TRUE)
ρ((p, FALSE), l) = (p, FALSE)

ρ((0, b!), l) = (0, l ⊨ b)
ρ((1, b!), l) = (1, l ⊨ b)
ρ((0, ψ ∧ ϑ), l) = ρ((0, ψ), l) ∧ ρ((0, ϑ), l)
ρ((1, ψ ∧ ϑ), l) = ρ((1, ψ), l) ∨ ρ((1, ϑ), l)
ρ((0, ¬ψ), l) = ρ((1, ψ), l)
ρ((1, ¬ψ), l) = ρ((0, ψ), l)
ρ((0, X!ψ), l) = (0, NONEMPTY) ∧ (0, ψ)
ρ((1, X!ψ), l) = (1, NONEMPTY) ∨ (1, ψ)
ρ((0, [ψ U ϑ]), l) = ρ((0, ϑ), l) ∨ (ρ((0, ψ), l) ∧ (0, [ψ U ϑ]))
ρ((1, [ψ U ϑ]), l) = ρ((1, ϑ), l) ∧ (ρ((1, ψ), l) ∨ (1, [ψ U ϑ]))
If ρ_N(q, l) ∩ F_N is non-empty, then ρ((0, ⟨N^q, ψ⟩), l) = ⋁_{q' ∈ ρ_N(q,l)} (0, ⟨N^{q'}, ψ⟩) ∨ ρ((0, ψ), l); otherwise ρ((0, ⟨N^q, ψ⟩), l) = ⋁_{q' ∈ ρ_N(q,l)} (0, ⟨N^{q'}, ψ⟩).
If ρ_N(q, l) ∩ F_N is non-empty, then ρ((1, ⟨N^q, ψ⟩), l) = ⋀_{q' ∈ ρ_N(q,l)} (1, ⟨N^{q'}, ψ⟩) ∧ ρ((1, ψ), l); otherwise ρ((1, ⟨N^q, ψ⟩), l) = ⋀_{q' ∈ ρ_N(q,l)} (1, ⟨N^{q'}, ψ⟩).
ρ((0, B^q), l) = ⋁_{q' ∈ ρ_B(q,l)} (0, B^{q'})
ρ((1, B^q), l) = ⋀_{q' ∈ ρ_B(q,l)} (1, B^{q'})

Lemma 3.11 Let ϕ be an LTL_WRA formula. If ψ is a subformula of ϕ, let A_(p,ψ) denote the subautomaton of this construction obtained by taking (p, ψ) as initial state. Then
1. L(A_(0,ϕ)) = [[ϕ]].
2. L(A_(1,ϕ)) = [[¬ϕ]], the complement of [[ϕ]].

Proof: The proof is by induction on the structure of the formula. The cases for booleans and the LTL operators are the same as in the proof of Lemma 3.2. We show that L(A_(0,⟨N^q,ψ⟩)) = [[⟨N^q, ψ⟩]] and L(A_(1,⟨N^q,ψ⟩)) = [[¬⟨N^q, ψ⟩]].

We show that v ∈ [[⟨N^q, ψ⟩]] iff v ∈ L(A_(0,⟨N^q,ψ⟩)). Suppose that v ∈ [[⟨N^q, ψ⟩]]. Then ∃ 0 ≤ j < |v| s.t. v^{0..j} ∈ L(N^q) and v^{j..} ∈ [[ψ]]. Since v^{0..j} ∈ L(N^q), there exists an accepting run q, q_0, ..., q_j of N^q on v^{0..j} with q_j ∈ F_N. By induction, L(A_(0,ψ)) = [[ψ]], so there exists an accepting run tree t of A_(0,ψ) on v^{j..}. From the transition relation, ⟨N^q, ψ⟩, ⟨N^{q_0}, ψ⟩, ..., ⟨N^{q_{j−1}}, ψ⟩ is a run of A_(0,⟨N^q,ψ⟩) on v^{0..j−1}. Also, since q_j ∈ F_N, it follows from the transition relation that each of the successors of the root of the run tree t on letter v^j is also a successor of ⟨N^{q_{j−1}}, ψ⟩ on the letter v^j. Let t' be obtained from t by replacing the root with ⟨N^{q_{j−1}}, ψ⟩. Since t and t' differ only in the root node and since v^{j..} is non-empty, it follows that t' is an accepting run tree of A_(0,⟨N^{q_{j−1}},ψ⟩) on v^{j..}. This shows that v ∈ L(A_(0,⟨N^q,ψ⟩)).

Suppose now that v ∈ L(A_(0,⟨N^q,ψ⟩)). Then there exists an accepting run tree t of A_(0,⟨N^q,ψ⟩) on v. Since (0, ⟨N^q, ψ⟩) is not accepting, v is non-empty. From the transition relation, t has a branch labeled (0, ⟨N^q, ψ⟩), (0, ⟨N^{q_0}, ψ⟩), ... Since none of the states (0, ⟨N^{q_i}, ψ⟩) is accepting, there must exist 0 ≤ j < |v| such that (0, ⟨N^q, ψ⟩), (0, ⟨N^{q_0}, ψ⟩), ..., (0, ⟨N^{q_{j−1}}, ψ⟩) labels a branch t, t_0, ..., t_{j−1} of t, and q, q_0, ..., q_{j−1} is a run of N^q on v^{0..j−1}, and ρ_N(q_{j−1}, v^j) ∩ F_N is non-empty, and the set of children of t_{j−1} is labeled by the set ρ((0, ψ), v^j). Then q, q_0, ..., q_j is a run of N^q on v^{0..j}, and so v^{0..j} ∈ L(N^q). Let t' = t_{j−1}. Since t is accepting, t' must be an accepting run of A_(0,⟨N^{q_{j−1}},ψ⟩) on v^{j..}. Let t'' be the tree obtained from t' by switching the root to (0, ψ). From the transition relation, t'' is a run tree of A_(0,ψ) on v^{j..}. Since v^{j..} is non-empty, it follows that t'' is accepting. Therefore, v^{j..} ∈ L(A_(0,ψ)). By induction, v^{j..} ∈ [[ψ]]. Thus, v ∈ [[⟨N^q, ψ⟩]].

We show that v ∈ [[¬⟨N^q, ψ⟩]] iff v ∈ L(A_(1,⟨N^q,ψ⟩)). v ∈ [[¬⟨N^q, ψ⟩]] iff v ∉ [[⟨N^q, ψ⟩]] iff ∀ 0 ≤ j < |v| s.t. v^{0..j} ∈ L(N^q), v^{j..} ∉ [[ψ]] iff [induction]
(∗): ∀ 0 ≤ j < |v| s.t. v^{0..j} ∈ L(N^q), v^{j..} ∈ L(A_(1,ψ)).

Suppose that (∗) holds. We construct an accepting run tree t of A_(1,⟨N^q,ψ⟩) on v. Let t_0 be a run tree of A_(1,⟨N^q,ψ⟩) on v. Let t_N be the rooted subtree of t_0 consisting of all states of the form (1, ⟨N^{q'}, ψ⟩) (that is, trim every branch of t_0 at the first node which is not of the form (1, ⟨N^{q'}, ψ⟩)). Since the states of this form are all accepting, every branch of this subtree is accepting. Consider a node n = (1, ⟨N^{q'}, ψ⟩) of t_N such that n has a nonempty set M_n of successors in t_0 \ t_N. From the transition relation, it follows that there exists 0 ≤ j < |v| and a run q, q_0, ..., q_{j−1} = q' of N^q on v^{0..j−1}, and there exists q_j ∈ ρ_N(q', v^j) ∩ F_N. Then q, q_0, ..., q_j is an accepting run of N^q on v^{0..j}, so by (∗), v^{j..} ∈ L(A_(1,ψ)). Let t_n be an accepting run tree of A_(1,ψ) on v^{j..}. Replace M_n in t_0 by the set of successors of the root of t_n. As a result, any branch of t_0 passing through a successor of n in t_0 \ t_N is now converted to an accepting branch. The procedure is repeated for all such nodes n to yield the accepting run tree t.

Suppose that v ∈ L(A_(1,⟨N^q,ψ⟩)). Let t be an accepting run tree of A_(1,⟨N^q,ψ⟩) on v. Let t_N be the rooted subtree of t consisting of all states of the form (1, ⟨N^{q'}, ψ⟩) (that is, trim every branch of t at the first node which is not of the form (1, ⟨N^{q'}, ψ⟩)). Suppose that there exists 0 ≤ j < |v| s.t. v^{0..j} ∈ L(N^q). Let q, q_0, ..., q_j be an accepting run of N^q on v^{0..j}. From the transition relation, (1, ⟨N^q, ψ⟩), (1, ⟨N^{q_0}, ψ⟩), ..., (1, ⟨N^{q_{j−1}}, ψ⟩) is a prefix of a branch of t_N, and the successors of (1, ⟨N^{q_{j−1}}, ψ⟩) in t \ t_N are successors of (1, ψ) on v^j. Let t' be the tree obtained from the subtree of t rooted at (1, ⟨N^{q_{j−1}}, ψ⟩) by eliminating the successors of (1, ⟨N^{q_{j−1}}, ψ⟩) that are in t_N and replacing the root by (1, ψ). It follows that t' is an accepting run tree of A_(1,ψ) on v^{j..}, and so v^{j..} ∈ L(A_(1,ψ)). This proves that (∗) holds.

We show that L(A_(0,B^q)) = [[B^q]] and L(A_(1,B^q)) = [[¬B^q]]. Let w be a finite/infinite word. Recall that q' is an accepting state of B^q iff q' ≠ q_bad. Also, (0, B^{q'}) is an accepting state of A_(0,B^q) iff q' ≠ q_bad. Thus, by the construction, w ∈ L(A_(0,B^q)) iff there exists a run of B^q on w that does not visit q_bad

iff w ∈ L(B^q) iff w ∈ [[B^q]]. Similarly, (1, B^{q'}) is an accepting state of A_(1,B^q) iff q' = q_bad. Thus, w ∈ L(A_(1,B^q)) iff every run of B^q on w reaches q_bad iff w ∉ L(B^q) iff w ∉ [[B^q]] iff w ∈ [[¬B^q]]. This completes the proof of the Proposition.

Corollary 3.12 Given an LTL_WRA formula ϕ, there exists a Büchi automaton B_ϕ = (Σ, S, I, ρ, F, A) where |S| is in 2^{O(|ϕ|)} and L(B_ϕ) is exactly the set of (finite and infinite) words satisfying the formula ϕ.

Proof: Follows directly from Propositions 3.10 and 2.1.

Corollary 3.13 Given an LTL_WR formula ϕ, there exists a Büchi automaton B_ϕ = (Σ, S, I, ρ, F, A) where |S| is in 2^{O(|ϕ|)} and L(B_ϕ) is exactly the set of (finite and infinite) words satisfying the formula ϕ.

Proof: Follows directly from Corollary 3.12 and Proposition 3.9.

Definition 10 We say that a language is ∞-regular iff it is a union of a regular language and an ω-regular language.

Proposition 3.14 LTL_WR is as expressive as ∞-regular languages.

Proof: Clearly a language accepted by a Büchi automaton on finite/infinite words is an ∞-regular language. Thus, Corollary 3.13 implies that LTL_WR formulas are not more expressive than ∞-regular expressions (since for every formula ϕ in LTL_WR there exists a Büchi automaton B_ϕ on finite/infinite words such that [[ϕ]] = L(B_ϕ)). A proof that any ω-regular language can be expressed as an LTL_WR formula appears in [3], where the suffix implication operator (|→) is denoted triggers, and the suffix conjunction operator (◇→) is denoted follows by. Note that the language of an LTL_WR formula interpreted over finite and infinite words may not be the same as its language when interpreted over infinite words alone. For example, when the semantics is interpreted over infinite words alone, we have that [[b W false]] = {l | l ⊨ b}^ω, but when the semantics is interpreted over finite words as well, we have [[b W false]] = {l | l ⊨ b}^ω ∪ {l | l ⊨ b}^*.

A regular language (over finite words) L can be expressed in LTL_WR by means of the formula (r_L ◇→ X false), where r_L is a regular expression accepting the same language as L. An omega-regular language (over infinite words) L can be expressed in LTL_WR by means of the formula ψ_L ∧ ((X! true) W false), where ψ_L is an LTL_WR formula accepting the language L when interpreted over infinite words only. Thus, for every ∞-regular language L we can construct an LTL_WR formula ψ_fin such that [[ψ_fin]] = {w | w ∈ L and w is finite} and a formula ψ_inf such that [[ψ_inf]] = {w | w ∈ L and w is infinite}. Thus, the formula ψ_fin ∨ ψ_inf accepts exactly the set of (finite and infinite) words in L.

3.3 Classification of Automata for RE-based LTL_WR formulas

Proposition 3.15 Let r be an RE, and ϕ an LTL_WR formula. If there exists a weak (terminal) Büchi automaton for ¬ϕ with state set S, then there exists a weak (terminal) Büchi automaton for ¬(r |→ ϕ) with at most O(|r| + |S|) states.

Proof: Let r be an RE and ϕ be an LTL_WR formula. We want to build a Büchi automaton for the negation of r |→ ϕ. Note that by the semantics of suffix implication [[r |→ ϕ]] = [[r' |→ ϕ']] where S(r') = S(r) \ {ε} and [[ϕ']] = [[ϕ]] \ {ε}. We therefore assume without loss of generality that ε ∉ S(r) and that ε ∉ [[ϕ]].

Let N_r = (Σ, S_r, I_r, ρ_r, F_r) be the NFA constructed for r as in Proposition 3.4. We build from it the NFA N'_r = (Σ, S'_r, I_r, ρ'_r, F'_r) where S'_r = S_r ∪ {q_fin}, F'_r = {q_fin} and ρ'_r = ρ_r ∪ {(q, l, q_fin) | ∃ q_f ∈ F_r s.t. (q, l, q_f) ∈ ρ_r}. Clearly, N'_r is an NFA linear in |r| accepting the words tightly satisfying r, such that there are no states in I_r ∩ F'_r. Let B_ϕ = (Σ, S_ϕ, I_ϕ, ρ_ϕ, F_ϕ, A_ϕ) be the Büchi automaton accepting the language [[¬ϕ]]. We can assume the construction of B_ϕ is such that I_ϕ is disjoint from F_ϕ and that (s, l, s') ∈ ρ_ϕ implies s' ∉ I_ϕ.

We build the Büchi automaton B = (Σ, S, I, ρ, F, A) for ¬(r |→ ϕ) as follows: S = (S'_r \ F'_r) ∪ (S_ϕ \ I_ϕ); I = I_r; F = F_ϕ; A = A_ϕ; and
ρ = (ρ'_r \ {(s, l, t) | t ∈ F'_r}) ∪ (ρ_ϕ \ {(s_0, l, s') | s_0 ∈ I_ϕ}) ∪ {(s, l, s') | ∃ t ∈ F'_r s.t. (s, l, t) ∈ ρ'_r and ∃ s_0 ∈ I_ϕ s.t. (s_0, l, s') ∈ ρ_ϕ}.
First we show that L(B) = [[¬(r |→ ϕ)]]. Then we argue that if B_ϕ is weak (terminal) then so is B.
1. v ∈ [[¬(r |→ ϕ)]] ⟺ v ⊨ ¬(r |→ ϕ) ⟺ v ⊨ r ◇→ ¬ϕ ⟺ ∃ j < |v| s.t. v^{0..j} tightly satisfies r and v^{j..} ⊨ ¬ϕ ⟺ there exists a run s_0, s_1, ..., s_{j+1} of N'_r on v^{0..j} such that s_{j+1} ∈ F'_r and there exists an accepting (finite or infinite) run s'_0, s'_1, s'_2, ... of B_ϕ on v^{j..} such that s'_0 ∈ I_ϕ

⟺ [(s_j, v^j, s'_1) ∈ ρ iff ∃ s_{j+1} ∈ F'_r s.t. (s_j, v^j, s_{j+1}) ∈ ρ'_r and ∃ s'_0 ∈ I_ϕ s.t. (s'_0, v^j, s'_1) ∈ ρ_ϕ] there exists an accepting (finite or infinite) run s_0, s_1, ..., s_j, s'_1, s'_2, ... of B on v ⟺ v ∈ L(B).
2. Let S_1, ..., S_k be the partition of states and ≤ the partial order that prove B_ϕ is weak (terminal). Let S'_i be S_i \ I_ϕ for 1 ≤ i < k. Let S''_r = S'_r \ F'_r. Then B is proved weak (terminal) by the partition S''_r, S'_1, ..., S'_k together with the partial order S''_r ≤ S'_i, and S'_i ≤ S'_j iff S_i ≤ S_j.

Proposition 3.16 Let r be an RE. Then, there exists a universal alternating Büchi automaton for ¬r with state complexity in O(|r|), and there exists a terminal existential Büchi automaton for ¬r with state complexity in 2^{O(|r|)}.

Proof: Let B_r = (Σ, S ∪ {q_bad}, I, ρ, S, S) be the existential Büchi automaton from Proposition 3.5. Recall that B_r has O(|r|) states and for every word w over Σ,
1. there exists an accepting run of B_r on w iff w ⊨ r;
2. every run of B_r on w reaches q_bad iff w ⊭ r.
Let B be the universal Büchi automaton (Σ, S ∪ {q_bad}, I, ρ, {q_bad}, {q_bad}). Clearly B accepts a word w iff w ⊭ r. Let B' be the universal Büchi automaton (Σ, S ∪ {q_bad}, I, ρ', {q_bad}, {q_bad}) where ρ' = {(s_1, l, s_2) | l ∈ Σ, (s_1, l, s_2) ∈ ρ}. Clearly, w ∈ L(B) iff w ∈ L(B'). Therefore w ∈ L(B') iff w ⊭ r iff w ⊨ ¬r. The universal Büchi automaton B' can be translated into an ordinary existential Büchi automaton B'' with state set S'' such that |S''| is in 2^{O(|r|)} [11]. This translation can be done in a way that preserves q_bad as the unique trapping accepting state of B''. Then it is clear that B'' is terminal by partitioning according to S'' \ {q_bad} < {q_bad}.

Proposition 3.17 Let r be an RE. Then, there exists a weak Büchi automaton for ¬r! whose state complexity is in O(|r|).

Proof: Let r be an RE. Let N = (Σ, S, I, ρ, F) be an NFA accepting the non-empty words tightly satisfying r, with state complexity linear in |r| (for example, N is the NFA of Proposition 3.4). We build from it the NFA N' = (Σ, S', I, ρ', F') where S' = S ∪ {q_fin}, F' = {q_fin} and ρ' = ρ ∪ {(q, l, q_fin) | ∃ q_f ∈ F s.t. (q, l, q_f) ∈ ρ}. Clearly, N' is an NFA linear in |r| accepting the non-empty words tightly satisfying r, such that there are no transitions out of F'. It follows that in any accepting run, F' cannot be reached prior to the end of the run (i.e., if state s_f ∈ F' is reached during an accepting run, then s_f is the last state of the run).

We build a Büchi automaton B' = (Σ, S', I, ρ'', F'', A'') as follows: A'' = F'' = S' \ F'; and ρ'' = ρ' ∪ {(s, l, s) | s ∈ F', l ∈ Σ}. Note that the states of F' in B' are non-accepting and trapping. Finally, we build a Büchi automaton B = (Σ, S', I, ρ, F'', A'') for ¬r! as follows: ρ = {(s_1, l, s_2) | l ∈ Σ, (s_1, l, s_2) ∈ ρ''}. Clearly v ∈ L(B) if and only if v ∈ L(B'). First we show that L(B) = [[¬(r!)]]. Then we argue that B is weak.
1. v ∈ [[¬(r!)]] ⟺ v ⊨ ¬r! ⟺ v ⊭ r! ⟺ there is no k < |v| s.t. v^{0..k} tightly satisfies r ⟺ ∀ k < |v|, v^{0..k} does not tightly satisfy r ⟺ [since N recognizes the non-empty matches of r] ∀ k < |v| there exists no run of N on v^{0..k} terminating in a state in F ⟺ [by the properties of N'] ∀ k < |v| there exists no run of N' on v^{0..k} visiting a state in F' ⟺ [by the definition of B'] ∀ k < |v| there exists no run of B' on v^{0..k} visiting a state in F' ⟺ [there are two options] either v is finite and no run of B' on v terminates in a state in F', or v is infinite and no run of B' on v ever visits a state in F' ⟺ v ∈ L(B') ⟺ v ∈ L(B).
2. Let the partition and partial order of the states of B be S' \ F' < F'. Since F'' = A'' = S' \ F' and F' is trapping, it follows that B is weak.

Acknowledgment

We would like to thank Cindy Eisner for many stimulating discussions. The second author would also like to thank Nir Piterman and Sitvanit Ruah for interesting discussions on some of the underlying issues.

References

[1] Accellera Organization, Inc. Formal semantics of Accellera property specification language. In Appendix B of pages , January .
[2] R. Armoni, D. Bustan, O. Kupferman, and M. Y. Vardi. Aborts vs resets in linear temporal logic. In Proc. 9th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS).
[3] R. Armoni, L. Fix, A. Flaisher, R. Gerth, B. Ginsburg, T. Kanza, A. Landver, S. Mador-Haim, E. Singerman, A. Tiemeyer, M. Y. Vardi, and Y. Zbar. The ForSpec temporal logic: A new temporal property-specification language. In TACAS, pages .
[4] I. Beer, S. Ben-David, and A. Landver. On-the-fly model checking of RCTL formulas. In Proc. 10th International Conference on Computer Aided Verification (CAV'98), LNCS 1427, pages . Springer-Verlag.
[5] R. Bloem, K. Ravi, and F. Somenzi. Efficient decision procedures for model checking of linear time logic properties. In Proc. 11th International Conference on Computer Aided Verification (CAV), LNCS 1633, pages . Springer-Verlag.
[6] C. Eisner, D. Fisman, and J. Havlicek. A topological characterization of weakness. In Proc. 24th Annual ACM SIGACT-SIGOPS Symposium on Principles Of Distributed Computing (PODC'05), Las Vegas, Nevada, USA, July .
[7] C. Eisner, D. Fisman, J. Havlicek, Y. Lustig, A. McIsaac, and D. Van Campenhout. Reasoning with temporal logic on truncated paths. In The 15th International Conference on Computer Aided Verification (CAV), LNCS 2725, pages . Springer-Verlag, July .
[8] M. J. Fischer and R. E. Ladner. Propositional dynamic logic of regular programs. J. Comput. Syst. Sci., 18(2), pages .
[9] A. Flaisher. Enhanced vacuity detection in linear temporal logic. Master's thesis, Israel Institute of Technology (The Technion), Haifa, Israel, August .
[10] C. J. Kargl. A sugar translator. Master's thesis, Institut für Softwaretechnologie, Technische Universität Graz, Graz, Austria, December .
[11] S. Miyano and T. Hayashi. Alternating finite automata on ω-words. Theoretical Comput. Sci., 32: .
[12] D. E. Muller, A. Saoudi, and P. E. Schupp. Weak alternating automata give a simple explanation of why most temporal and dynamic logics are decidable in exponential time. In Proceedings of 3rd IEEE Symposium on Logic in Computer Science, pages .
[13] M. Y. Vardi. An automata-theoretic approach to linear temporal logic. In Banff Higher Order Workshop, pages .


More information

Syntax and Semantics of Propositional Linear Temporal Logic

Syntax and Semantics of Propositional Linear Temporal Logic Syntax and Semantics of Propositional Linear Temporal Logic 1 Defining Logics L, M, = L - the language of the logic M - a class of models = - satisfaction relation M M, ϕ L: M = ϕ is read as M satisfies

More information

Bounded Synthesis. Sven Schewe and Bernd Finkbeiner. Universität des Saarlandes, Saarbrücken, Germany

Bounded Synthesis. Sven Schewe and Bernd Finkbeiner. Universität des Saarlandes, Saarbrücken, Germany Bounded Synthesis Sven Schewe and Bernd Finkbeiner Universität des Saarlandes, 66123 Saarbrücken, Germany Abstract. The bounded synthesis problem is to construct an implementation that satisfies a given

More information

Generalized Parity Games

Generalized Parity Games Generalized Parity Games Krishnendu Chatterjee 1, Thomas A. Henzinger 1,2, and Nir Piterman 2 1 University of California, Berkeley, USA 2 EPFL, Switzerland c krish@eecs.berkeley.edu, {tah,nir.piterman}@epfl.ch

More information

From Löwenheim to Pnueli, from Pnueli to PSL and SVA

From Löwenheim to Pnueli, from Pnueli to PSL and SVA From Löwenheim to Pnueli, from Pnueli to PSL and SVA Moshe Y. Vardi Rice University Thread I: Monadic Logic Monadic Class: First-order logic with = and monadic predicates captures syllogisms. ( x)p(x),

More information

Deciding Safety and Liveness in TPTL

Deciding Safety and Liveness in TPTL Deciding Safety and Liveness in TPTL David Basin a, Carlos Cotrini Jiménez a,, Felix Klaedtke b,1, Eugen Zălinescu a a Institute of Information Security, ETH Zurich, Switzerland b NEC Europe Ltd., Heidelberg,

More information

Automata, Logic and Games: Theory and Application

Automata, Logic and Games: Theory and Application Automata, Logic and Games: Theory and Application 2 Parity Games, Tree Automata, and S2S Luke Ong University of Oxford TACL Summer School University of Salerno, 14-19 June 2015 Luke Ong S2S 14-19 June

More information

Automata and Reactive Systems

Automata and Reactive Systems Automata and Reactive Systems Lecture WS 2002/2003 Prof. Dr. W. Thomas RWTH Aachen Preliminary version (Last change March 20, 2003) Translated and revised by S. N. Cho and S. Wöhrle German version by M.

More information

a Hebrew University b Weizmann Institute c Rice University

a Hebrew University b Weizmann Institute c Rice University Once and For All Orna Kupferman a, Amir Pnueli b,1, Moshe Y. Vardi c a Hebrew University b Weizmann Institute c Rice University Abstract It has long been known that past-time operators add no expressive

More information

Introduction. Büchi Automata and Model Checking. Outline. Büchi Automata. The simplest computation model for infinite behaviors is the

Introduction. Büchi Automata and Model Checking. Outline. Büchi Automata. The simplest computation model for infinite behaviors is the Introduction Büchi Automata and Model Checking Yih-Kuen Tsay Department of Information Management National Taiwan University FLOLAC 2009 The simplest computation model for finite behaviors is the finite

More information

Automata Theory for Presburger Arithmetic Logic

Automata Theory for Presburger Arithmetic Logic Automata Theory for Presburger Arithmetic Logic References from Introduction to Automata Theory, Languages & Computation and Constraints in Computational Logic Theory & Application Presented by Masood

More information

Further discussion of Turing machines

Further discussion of Turing machines Further discussion of Turing machines In this lecture we will discuss various aspects of decidable and Turing-recognizable languages that were not mentioned in previous lectures. In particular, we will

More information

A Tight Lower Bound for Determinization of Transition Labeled Büchi Automata

A Tight Lower Bound for Determinization of Transition Labeled Büchi Automata A Tight Lower Bound for Determinization of Transition Labeled Büchi Automata Thomas Colcombet, Konrad Zdanowski CNRS JAF28, Fontainebleau June 18, 2009 Finite Automata A finite automaton is a tuple A =

More information

Note on winning positions on pushdown games with omega-regular winning conditions

Note on winning positions on pushdown games with omega-regular winning conditions Note on winning positions on pushdown games with omega-regular winning conditions Olivier Serre To cite this version: Olivier Serre. Note on winning positions on pushdown games with omega-regular winning

More information

arxiv: v1 [cs.lo] 17 Jun 2014

arxiv: v1 [cs.lo] 17 Jun 2014 On MITL and alternating timed automata over infinite words Thomas Brihaye 1, Morgane Estiévenart 1, and Gilles Geeraerts 2 1 UMons, Belgium, 2 U.L.B., Belgium arxiv:1406.4395v1 [cs.lo] 17 Jun 2014 Abstract.

More information

Chapter 3 Deterministic planning

Chapter 3 Deterministic planning Chapter 3 Deterministic planning In this chapter we describe a number of algorithms for solving the historically most important and most basic type of planning problem. Two rather strong simplifying assumptions

More information

Büchi Automata and Their Determinization

Büchi Automata and Their Determinization Büchi Automata and Their Determinization Edinburgh, October 215 Plan of the Day 1. Büchi automata and their determinization 2. Infinite games 3. Rabin s Tree Theorem 4. Decidability of monadic theories

More information

From Liveness to Promptness

From Liveness to Promptness From Liveness to Promptness Orna Kupferman 1, Nir Piterman 2, and Moshe Y. Vardi 3 1 Hebrew University 2 Ecole Polytechnique Fédéral de Lausanne (EPFL) 3 Rice University Abstract. Liveness temporal properties

More information

ω-automata Automata that accept (or reject) words of infinite length. Languages of infinite words appear:

ω-automata Automata that accept (or reject) words of infinite length. Languages of infinite words appear: ω-automata ω-automata Automata that accept (or reject) words of infinite length. Languages of infinite words appear: in verification, as encodings of non-terminating executions of a program. in arithmetic,

More information

Variable Automata over Infinite Alphabets

Variable Automata over Infinite Alphabets Variable Automata over Infinite Alphabets Orna Grumberg a, Orna Kupferman b, Sarai Sheinvald b a Department of Computer Science, The Technion, Haifa 32000, Israel b School of Computer Science and Engineering,

More information

Automata-Theoretic LTL Model-Checking

Automata-Theoretic LTL Model-Checking Automata-Theoretic LTL Model-Checking Arie Gurfinkel arie@cmu.edu SEI/CMU Automata-Theoretic LTL Model-Checking p.1 LTL - Linear Time Logic (Pn 77) Determines Patterns on Infinite Traces Atomic Propositions

More information

Basing Decisions on Sentences in Decision Diagrams

Basing Decisions on Sentences in Decision Diagrams Proceedings of the Twenty-Sixth AAAI Conference on Artificial Intelligence Basing Decisions on Sentences in Decision Diagrams Yexiang Xue Department of Computer Science Cornell University yexiang@cs.cornell.edu

More information

An Alternative Construction in Symbolic Reachability Analysis of Second Order Pushdown Systems

An Alternative Construction in Symbolic Reachability Analysis of Second Order Pushdown Systems An Alternative Construction in Symbolic Reachability Analysis of Second Order Pushdown Systems Anil Seth CSE Department, I.I.T. Kanpur, Kanpur 208016, INDIA. seth@cse.iitk.ac.in Abstract. Recently, it

More information

Model checking the basic modalities of CTL with Description Logic

Model checking the basic modalities of CTL with Description Logic Model checking the basic modalities of CTL with Description Logic Shoham Ben-David Richard Trefler Grant Weddell David R. Cheriton School of Computer Science University of Waterloo Abstract. Model checking

More information

Subsumption of concepts in FL 0 for (cyclic) terminologies with respect to descriptive semantics is PSPACE-complete.

Subsumption of concepts in FL 0 for (cyclic) terminologies with respect to descriptive semantics is PSPACE-complete. Subsumption of concepts in FL 0 for (cyclic) terminologies with respect to descriptive semantics is PSPACE-complete. Yevgeny Kazakov and Hans de Nivelle MPI für Informatik, Saarbrücken, Germany E-mail:

More information

Temporal Logic Made Practical

Temporal Logic Made Practical Temporal Logic Made Practical Cindy Eisner and Dana Fisman Abstract In the late seventies, Pnueli suggested that functional properties of reactive systems be formally expressed in temporal logic. In order

More information

Helsinki University of Technology Laboratory for Theoretical Computer Science Research Reports 66

Helsinki University of Technology Laboratory for Theoretical Computer Science Research Reports 66 Helsinki University of Technology Laboratory for Theoretical Computer Science Research Reports 66 Teknillisen korkeakoulun tietojenkäsittelyteorian laboratorion tutkimusraportti 66 Espoo 2000 HUT-TCS-A66

More information

CS 154, Lecture 2: Finite Automata, Closure Properties Nondeterminism,

CS 154, Lecture 2: Finite Automata, Closure Properties Nondeterminism, CS 54, Lecture 2: Finite Automata, Closure Properties Nondeterminism, Why so Many Models? Streaming Algorithms 0 42 Deterministic Finite Automata Anatomy of Deterministic Finite Automata transition: for

More information

Finite Universes. L is a fixed-length language if it has length n for some

Finite Universes. L is a fixed-length language if it has length n for some Finite Universes Finite Universes When the universe is finite (e.g., the interval 0, 2 1 ), all objects can be encoded by words of the same length. A language L has length n 0 if L =, or every word of

More information

Finite Automata and Languages

Finite Automata and Languages CS62, IIT BOMBAY Finite Automata and Languages Ashutosh Trivedi Department of Computer Science and Engineering, IIT Bombay CS62: New Trends in IT: Modeling and Verification of Cyber-Physical Systems (2

More information

Logic and Automata I. Wolfgang Thomas. EATCS School, Telc, July 2014

Logic and Automata I. Wolfgang Thomas. EATCS School, Telc, July 2014 Logic and Automata I EATCS School, Telc, July 2014 The Plan We present automata theory as a tool to make logic effective. Four parts: 1. Some history 2. Automata on infinite words First step: MSO-logic

More information

Partially Ordered Two-way Büchi Automata

Partially Ordered Two-way Büchi Automata Partially Ordered Two-way Büchi Automata Manfred Kufleitner Alexander Lauser FMI, Universität Stuttgart, Germany {kufleitner, lauser}@fmi.uni-stuttgart.de June 14, 2010 Abstract We introduce partially

More information

Chapter 5: Linear Temporal Logic

Chapter 5: Linear Temporal Logic Chapter 5: Linear Temporal Logic Prof. Ali Movaghar Verification of Reactive Systems Spring 94 Outline We introduce linear temporal logic (LTL), a logical formalism that is suited for specifying LT properties.

More information

Characterizing CTL-like logics on finite trees

Characterizing CTL-like logics on finite trees Theoretical Computer Science 356 (2006) 136 152 www.elsevier.com/locate/tcs Characterizing CTL-like logics on finite trees Zoltán Ésik 1 Department of Computer Science, University of Szeged, Hungary Research

More information

CDS 270 (Fall 09) - Lecture Notes for Assignment 8.

CDS 270 (Fall 09) - Lecture Notes for Assignment 8. CDS 270 (Fall 09) - Lecture Notes for Assignment 8. ecause this part of the course has no slides or textbook, we will provide lecture supplements that include, hopefully, enough discussion to complete

More information

Optimal Bounds in Parametric LTL Games

Optimal Bounds in Parametric LTL Games Optimal Bounds in Parametric LTL Games Martin Zimmermann 1 Institute of Informatics University of Warsaw Warsaw, Poland Abstract Parameterized linear temporal logics are extensions of Linear Temporal Logic

More information

Minimization of Tree Automata

Minimization of Tree Automata Universität des Saarlandes Naturwissenschaftlich-Technische Fakultät 1 Fachrichtung Informatik Bachelor-Studiengang Informatik Bachelor s Thesis Minimization of Tree Automata submitted by Thomas von Bomhard

More information

Solving Partial-Information Stochastic Parity Games

Solving Partial-Information Stochastic Parity Games Solving Partial-Information Stochastic Parity ames Sumit Nain and Moshe Y. Vardi Department of Computer Science, Rice University, Houston, Texas, 77005 Email: {nain,vardi}@cs.rice.edu Abstract We study

More information

From Nondeterministic Büchi and Streett Automata to Deterministic Parity Automata

From Nondeterministic Büchi and Streett Automata to Deterministic Parity Automata From Nondeterministic Büchi and Streett Automata to Deterministic Parity Automata Nir Piterman Ecole Polytechnique Fédéral de Lausanne (EPFL) Abstract Determinization and complementation are fundamental

More information

T Reactive Systems: Temporal Logic LTL

T Reactive Systems: Temporal Logic LTL Tik-79.186 Reactive Systems 1 T-79.186 Reactive Systems: Temporal Logic LTL Spring 2005, Lecture 4 January 31, 2005 Tik-79.186 Reactive Systems 2 Temporal Logics Temporal logics are currently the most

More information

Unranked Tree Automata with Sibling Equalities and Disequalities

Unranked Tree Automata with Sibling Equalities and Disequalities Unranked Tree Automata with Sibling Equalities and Disequalities Wong Karianto Christof Löding Lehrstuhl für Informatik 7, RWTH Aachen, Germany 34th International Colloquium, ICALP 2007 Xu Gao (NFS) Unranked

More information

Safraless Compositional Synthesis

Safraless Compositional Synthesis Safraless Compositional Synthesis Orna Kupferman 1, Nir Piterman 2, and Moshe Y. Vardi 3 1 Hebrew University 2 Ecole Polytechnique Fédéral de Lausanne (EPFL) 3 Rice University and Microsoft Research Abstract.

More information

Strategy Logic. 1 Introduction. Krishnendu Chatterjee 1, Thomas A. Henzinger 1,2, and Nir Piterman 2

Strategy Logic. 1 Introduction. Krishnendu Chatterjee 1, Thomas A. Henzinger 1,2, and Nir Piterman 2 Strategy Logic Krishnendu Chatterjee 1, Thomas A. Henzinger 1,2, and Nir Piterman 2 1 University of California, Berkeley, USA 2 EPFL, Switzerland c krish@eecs.berkeley.edu, {tah,nir.piterman}@epfl.ch Abstract.

More information

FROM NONDETERMINISTIC BÜCHI AND STREETT AUTOMATA TO DETERMINISTIC PARITY AUTOMATA

FROM NONDETERMINISTIC BÜCHI AND STREETT AUTOMATA TO DETERMINISTIC PARITY AUTOMATA Logical Methods in Computer Science Vol. 3 (3:5) 2007, pp. 1 21 www.lmcs-online.org Submitted Nov. 9, 2006 Published Aug. 14, 2007 FROM NONDETERMINISTIC BÜCHI AND STREETT AUTOMATA TO DETERMINISTIC PARITY

More information

Helsinki University of Technology Laboratory for Theoretical Computer Science Research Reports 83

Helsinki University of Technology Laboratory for Theoretical Computer Science Research Reports 83 Helsinki University of Technology Laboratory for Theoretical Computer Science Research Reports 83 Teknillisen korkeakoulun tietojenkäsittelyteorian laboratorion tutkimusraportti 83 Espoo 2003 HUT-TCS-A83

More information

Alternating nonzero automata

Alternating nonzero automata Alternating nonzero automata Application to the satisfiability of CTL [,, P >0, P =1 ] Hugo Gimbert, joint work with Paulin Fournier LaBRI, Université de Bordeaux ANR Stoch-MC 06/07/2017 Control and verification

More information

Propositional Dynamic Logic

Propositional Dynamic Logic Propositional Dynamic Logic Contents 1 Introduction 1 2 Syntax and Semantics 2 2.1 Syntax................................. 2 2.2 Semantics............................... 2 3 Hilbert-style axiom system

More information

Course Runtime Verification

Course Runtime Verification Course Martin Leucker (ISP) Volker Stolz (Høgskolen i Bergen, NO) INF5140 / V17 Chapters of the Course Chapter 1 Recall in More Depth Chapter 2 Specification Languages on Words Chapter 3 LTL on Finite

More information

LTL with Arithmetic and its Applications in Reasoning about Hierarchical Systems

LTL with Arithmetic and its Applications in Reasoning about Hierarchical Systems This space is reserved for the EPiC Series header, do not use it LTL with Arithmetic and its Applications in Reasoning about Hierarchical Systems Rachel Faran and Orna Kupferman The Hebrew University,

More information

Antichain Algorithms for Finite Automata

Antichain Algorithms for Finite Automata Antichain Algorithms for Finite Automata Laurent Doyen 1 and Jean-François Raskin 2 1 LSV, ENS Cachan & CNRS, France 2 U.L.B., Université Libre de Bruxelles, Belgium Abstract. We present a general theory

More information

From Monadic Second-Order Definable String Transformations to Transducers

From Monadic Second-Order Definable String Transformations to Transducers From Monadic Second-Order Definable String Transformations to Transducers Rajeev Alur 1 Antoine Durand-Gasselin 2 Ashutosh Trivedi 3 1 University of Pennsylvania 2 LIAFA, Université Paris Diderot 3 Indian

More information

An On-the-fly Tableau Construction for a Real-Time Temporal Logic

An On-the-fly Tableau Construction for a Real-Time Temporal Logic #! & F $ F ' F " F % An On-the-fly Tableau Construction for a Real-Time Temporal Logic Marc Geilen and Dennis Dams Faculty of Electrical Engineering, Eindhoven University of Technology P.O.Box 513, 5600

More information

Automata Theory. Lecture on Discussion Course of CS120. Runzhe SJTU ACM CLASS

Automata Theory. Lecture on Discussion Course of CS120. Runzhe SJTU ACM CLASS Automata Theory Lecture on Discussion Course of CS2 This Lecture is about Mathematical Models of Computation. Why Should I Care? - Ways of thinking. - Theory can drive practice. - Don t be an Instrumentalist.

More information

Synthesis of Asynchronous Systems

Synthesis of Asynchronous Systems Synthesis of Asynchronous Systems Sven Schewe and Bernd Finkbeiner Universität des Saarlandes, 66123 Saarbrücken, Germany {schewe finkbeiner}@cs.uni-sb.de Abstract. This paper addresses the problem of

More information

Classes and conversions

Classes and conversions Classes and conversions Regular expressions Syntax: r = ε a r r r + r r Semantics: The language L r of a regular expression r is inductively defined as follows: L =, L ε = {ε}, L a = a L r r = L r L r

More information